Apr 2023 – Jul 2024 · 1 yr 3 mos · Hyderabad, Telangana, India

• GCP & AWS Cloud Audits: Conducted extensive audits across AWS and GCP environments, adhering to CIS benchmarks to ensure security compliance and best practices.
• Azure Security Labs Research & Development: Designed and developed secure labs for Azure
• DevSecOps training, benefiting hundreds of trainees and enhancing practical knowledge in cloud security.
• Cloud Security Trainer: Delivered over 8 hands-on training sessions on cloud security and Kubernetes for AWS, Azure, and GCP, focusing on container security and DevSecOps practices.
• Python & Bash Scripting: Leveraged scripting for automation in security processes, monitoring, and incident response setups, improving efficiency and reducing manual intervention.
• Achievements:
• Winner of the AWS PartyRock Generative AI Hackathon for AI-powered IaC security scanning.
• Recognized as a Women Influencer in Cloud Security at the CSA Bangalore Annual Meet 2023.
• Presented at Blackhat Europe 2023 and C0c0n 2023 on innovative cloud security topics, contributing to the global cybersecurity community.
• Certifications & Contributions:
• SecOps Group CCSP-AWS Certified, Microsoft Azure AZ-900 Certified.
• Active AWS Community Builder for security and lead for W3-CS Security, Bengaluru Chapter.
• Trainer at Blackhat USA & Europe and Bsides Bangalore for Cloud Security Training.

Jun 2021 – Apr 2023 · 1 yr 10 mos · Hyderabad, Telangana, India

• GCP & AWS Training Labs: Created automated labs for cloud security training, achieving 99% automation using Terraform and significantly reducing setup time.
• DevSecOps Pipeline Security: Architected secure CI/CD pipelines with integrated SAST, DAST, and vulnerability scanning, streamlining DevOps workflows and reducing pre-deployment vulnerabilities.
• IaC Security & Automation: Enhanced infrastructure security through automated security scans on IaC (Terraform, YAML), reducing deployment vulnerabilities by 40%.
• Audit AWS & GCP: Perform end to end audit of GCP & AWS using open source tools like prowler, scout suite, cloud query & steampipe.

May 2021 – Jun 2021 · 1 mo

Sep 2019 – May 2021 · 1 yr 8 mos

• POC on Security tools like Checkov, Terraform Compliance, Anchor, CS-suite, Stakater, Rancher, Kube-bench, etc efficiently and made a comparison between the tools by presenting the reports.
• Patched multiple physical servers, upgrade policies, managed user access given by scan for Security Auditing successfully.
• Cloud: Successfully Created AWS infrastructure using VPC, EC2, ELB, S3, IAM, EKS, SM, Cloudwatch, Cloudtrail, AWS Lambda, etc. Also used E2E Networks, Azure.
• IAC: Deployed various AWS services like VPC, EC2, S3, IAM, SM, etc using Terraform and migrated the code from v0.11 to 0.12 successfully. Added Terraform Compliance security tool to test the code for a security audit.
• SCM: Used Ansible roles/playbook and Salt for configuration management.
• Open-source contribution: Created Ansible role for server hardening "https://github.com/OT-OSM/linux_armour"
• VCS: Used Github, Gitlab, Bit bucket.
• CI/CD: Successfully integrated Security tools with Jenkins pipeline. Developed various Freestyle jobs, pipelines for automation along integration of Slack.
• Container: Created docker images from scratch and storing on docker hub and ECR.
• Orchestration: Deployed an application on Kubernetes for staging environment along with Jenkins, Kibana by implementing the HPA, CA, Load balancer in EKS. Integration of RDS(Mysql DB) and SM(secret manager) also done. Tested envt with prominent tools like Kube-bench and Kube-hunter.
• Monitoring: Knowledge of ELK stack, Prometheus & Grafana, Telegraf.
• Big Data: Basic knowledge of Hadoop, Namenode, datanode, Hive, Hue, Zookeeper etc.
• Blogs: https://medium.com/@singhanjali94

Jun 2019 – Jun 2019 · 0 mo · Gurgaon, India

• Learned to investigate crime cases with various cyber laws applicable.
• Hands on experience with tools including CDR ,ICR Analyzer etc.
• Submitted a project in a group on Social media Crawler and also a research paper on various online frauds.
• Attended seminars by top speakers from various government agencies on Forensics, Crime investigation, CDR analysis, Cyber laws and Information Technology acts.
• Leaned Mobile forensics, Crime investigation, CDR Analysis, Hardware keyloggers, Web server security.
• Research paper on The Online Frauds, Challenges and Preventions.
• Attended various seminars by TOP speakers from various government organizations.

May 2017 – Jun 2017 · 1 mo · Gurgaon, India

• Worked as Linux admin and created queries for retrieval of data from MySql database.
• Worked heavily on MySql migration and query creation for fetching data.
• Worked on log analysis.

Mar 2017 – Apr 2017 · 1 mo · New Delhi Area, India

• Completed 2 months training on Redhat Certified System Administrator.
• Worked on Ubuntu and CentOS along with complete linux administration.

Mar 2017 – Mar 2017 · 0 mo · New Delhi Area, India

• Learned and Performed Network Penetration Testing and also done Vulnerability Assessment
• Worked on Information Security Research and Development of various tools in bash and mysql scripts.
• Security Analysis & Reporting along with Metasploit, Kali 2.0, Ubuntu, etc
• Also learned various tools used to capture and sniff the packets like NMAP, Wireshark , Burpsuite etc.